
Edx Cybersecurity Syllabus

This document outlines the syllabus for a cybersecurity MicroBachelors program offered through edX. The program provides an undergraduate level introduction to information security, network security, and penetration testing. It is self-paced and covers topics such as security design principles, access control, virtualization impacts on security, and penetration testing methodology. Students will complete active learning modules, discussions, labs, and proctored exams. The program is designed to help prepare students for cybersecurity careers and further coursework.

Cybersecurity - edX MicroBachelors Syllabus

Winter 2020
Professors: Justin Cappos, Kevin Gallagher, Keith O’Brian, Peter Klabe, Aspen Olmsted

Program Description
This is a self-paced optional course that provides an undergraduate-level introduction to
information security and privacy, network security & penetration testing. The material in
the program will help prepare students for careers and further course work in
cybersecurity, computer science and information technology.

Program Objectives
By the end of this program students should be able to:
● Apply a security mindset while remaining ethical.
● Implement security design principles.
● Explain the core concepts of access control.
● Implement reference monitors.
● Apply security policies that are commonly used in modern operating systems.
● Analyze the security of a basic secure system.
● Explain virtualization and the impact on security and efficiency.
● Think and work like an ethical penetration tester, implementing a repeatable
and mature methodology that is tailored for each assessment.
● With a given target, successfully identify vulnerabilities, score their risk, and
explain mitigations.
● Responsibly disclose findings in a professional report that can be used to
recreate the exploit, explain the impact to the target, and prioritize each
finding.
● Enumerate target hosts, domains, exposures, and attack surface.
● Identify flaws and vulnerabilities in applications, websites, networks, systems,
protocols, and configurations using both manual techniques and assistive
tools.
● Reverse engineer compiled applications to discover exploitable weaknesses.
● Write new exploits to test various types of vulnerabilities on clients, against
servers, and to escalate privileges.
● Demonstrate the fundamentals of secure network design.
● Understand the issues involved with providing secure networks.
● Analyze underlying cryptography required for secure communications,
authentication and authorization.
● Enumerate the issues involved with providing secure networks.

Program Structure
This program is conducted entirely online, which means you do not have to be on
campus to complete any portion of it. You will participate in the course using edX
located at https://edx.org.

Students will have access to:

- Active Modules to watch, with knowledge self-check quizzes;
- Asynchronous forum discussions;
- Auto-graded labs;
- Resource links.

Learning Time Rubric


You may choose your own weekly breakdown, such as live webinar sessions.

| Learning Time Element | Asynchronous* / Synchronous** | Time on Task for Students (weekly) | Notes |
|---|---|---|---|
| Lecture (Active Module) | Asynchronous | 4.75 hours | Video format. Expect quizzes throughout the module. |
| Readings | Asynchronous | 2.75 hours | Readings are provided throughout the learning modules |
| Weekly Discussion Board | Asynchronous | 0.5 hours | Students can interact with TA and professor via the discussion forums. |
| Labs | Asynchronous | 1.0 hours | Students submit their labs to gradescope |
| Quizzes & Tests | Asynchronous | 1.0 hours | Students take quizzes open book and Final Exam proctored with webcam |

*Asynchronous learning is defined as any non-real time student learning, such as recorded lecture, podcast,
interactive module, articles, websites, etc. This also includes any student-to-student or faculty-to-student
communication that may happen with an asynchronous tool, such as discussion board, chatroom, e-mail, text,
etc.
**Synchronous learning is defined as any real-time student-to-student and/or faculty-to-student learning,
such as a live webinar session or other video/audio communication service.

Course Communication

Announcements

Announcements will be posted on edX on a regular basis. You can locate all class
announcements at the top of the course page. Be sure to check the class announcements
regularly as they will contain important information about class assignments and other
class matters.

Discussion Forums

Discussion forums are an excellent way for you to engage with the course material and
with your peers. You are expected to read the discussion boards and engage in thoughtful
discussions. I will read all discussion posts and provide content clarification and feedback
when necessary.

Netiquette

When participating in an online class it is important to interact with your peers in an
appropriate manner. Always use professional language (no netspeak) in your discussion
board posts and emails. Please be respectful of your classmates at all times even if you
disagree with their ideas.

Interaction Policy
You are required to be an active online learner in this course and are expected to
participate in the Active Learning Modules and weekly discussion boards after having
completed the readings.

Course requirements

Participation is paramount to your success in this course. Be sure to log into edX multiple
times a week, read all announcements, complete all Active Learning Modules, and
participate in Discussion Forums.

Course Support
Accessibility Support

● Visit edX Website Accessibility Policy.
● Contact [email protected] for accessibility questions, concerns, or feedback.

Course Help

To get help with course content, click the Discussion tab and post a question in “Course
Questions”. By commenting in the pinned discussion post, the course team will be able to
respond to your question more quickly.

Technical Help

For general questions about using the edX platform, please refer to these resources.

● Technical Documentation
● Learner Help Center
● To get help with a technical problem, visit the Help link to contact edX Support.

Course evaluation will consist of by-module programming assignments, quizzes and final
exams. The quizzes allow multiple attempts and are not proctored. The final exams
are closed-book and use an online proctor.

Information Security - Introduction to information security (1 Credit, 5 weeks).


Unit Grading:
● Quizzes 40%
● Final Exam 60%

Unit Outcomes:
● Define the three major terms in cybersecurity (Confidentiality, Integrity, and
Availability)
● Differentiate between threats, vulnerabilities, and attacks
● Articulate different security mechanisms.
● Describe the specification, design, & implementation of secure systems
● Describe How to Design Security
● Enumerate the Fundamental Design Principles
● Describe Principles of Secure Design
● Analyze Security, Privacy, Ethics & Legal Issues related to design
● Enumerate the Security Life Cycle
● Describe Threat Modeling
● Analyze Threats using Ranking
● Apply Attack Trees
● Discuss the meaning of "security policy"
● Outline the elements of security policy
● Differentiate between security policy types, models, and levels
● Define and compare five security models (Bell-LaPadula Model, Biba Integrity
Model, Lipner’s Model, Clark-Wilson Integrity Model and Chinese Wall Model)
● Apply multilevel security policies

Unit Outline:
1. Introduction to Information Security
2. Security Design Principles
3. Threat Modeling
4. Security Policy
5. Final Exam

Information Security - Authentication and Access Control (1 Credit, 5 weeks)

Unit Grading:
● Quizzes 30%
● Labs 30%
● Final Exam 40%

Unit Outcomes:
● Describe Strengths and Weaknesses of Data Encryption Standard (DES)
● Describe Strengths and Weaknesses of Advanced Encryption Standard (AES)
● Describe Public Key Cryptography
● Describe Asymmetric Key Algorithms
● Define Hash Functions
● Describe Public Key Signatures
● Describe the Benefits of the Different Types of Authentication
● Define access control
● Apply four types of access control (Discretionary, Mandatory, Role Based, and
Unix/Linux File Access Control)
● Describe the use of the SetUID permission in Unix/Linux
● Analyze an access control scenario using an Access Control Matrix
● Differentiate between ACL and Capabilities
● Describe the use of a Reference Monitor
● Describe the Security Mechanisms built into Chromium OS
● Give Examples of Covert Channels including both Timing Channels and Storage
Channels
● Describe the Purpose of an Operating System (OS)

Unit Outline:
1. Introduction to Cryptography
2. Authentication
3. Access Control Part 1
4. Access Control Part 2
5. Final Exam

Information Security - Advanced topics (1 Credit, 5 weeks)


Unit Grading:
● Labs 15%
● Quizzes 35%
● Final Exam 50%

Unit Outcomes:
● Differentiate between Type 1 and Type 2 Hypervisors
● Describe Containers and their Purpose
● Describe Sandbox Computation
● Define Same-Origin Policy
● Describe SQL Injection and Common defenses
● Describe Cross Site Request Forgery (XSRF) and Common Defenses
● Describe Cross Site Scripting (XSS) and Common Defenses
● Discuss different definitions of Privacy
● Define anonymity
● Define contextual integrity
● Describe Differential Privacy
● Describe Mix Networks
● Describe how Tor Provides Anonymity
● Define Digital Certificates
● Describe the Trusted Platform Module (TPM)
● Describe DNS Amplification
● Distinguish between Watermarking and Steganography
● Describe How Bitcoin Prevents an Attacker from Faking a Chain
● Describe Why Miners Validate Transactions
● Describe Why Bitcoin Mining Consumes So Much Power and Some
Alternatives
● Describe Threats to the Bitcoin Ecosystem

Unit Outline:
1. Containerization
2. Injection Attacks and Defenses
3. Privacy and Anonymity
4. Software Validity and Rights
5. Cryptocurrency
6. Final Exam

Network Security - Introduction to Network Security (1 Credit, 5 Weeks)

Unit Grading:
● Labs 15%
● Quizzes 35%
● Final Exam 50%

Unit Outcomes:
● Describe how "social engineering" can be used to compromise security
● Define the CIA triad
● Identify and plan to manage risks in common situations
● Define a threat tree and threat matrix and explain how they are used
● Define an attack tree, explain how boolean and continuous node values
are used in attack trees, and demonstrate how an attack tree can be used
to determine vulnerabilities
● Explain why it is important for network engineers to understand cyber
attack strategies.
● List and summarize the stages of network attack methodology
● Identify the information an attacker might collect during network
reconnaissance
● Describe at least two "low tech" ways of performing reconnaissance on a
target
● Perform a WHOIS query and extract the IP address of a DNS server
● List at least three publicly available tools used for gathering information
on targets
● Define port scanning and describe the process used to determine whether
a port is open
● Define a proxy server
● Define IP spoofing, ingress filtering, and session hijacking
● Define a Denial of Service attack and explain the difference between a
DoS and DDoS attack
● State the relationship between DoS attacks and geopolitical events
● List at least two vulnerability attacks used in DoS attacks
● Define SYN flooding and explain how it can be protected against
● Describe what happens during a standard DDoS attack
● Explain how DNS poisoning can be used in phishing attacks
● Describe how URLs can be obfuscated to make a phishing attack more
likely to succeed
● List at least two tools used to assess vulnerabilities in networks
● Summarize the typical goals of post-exploitation activity
● Describe the strategies attackers use to maintain access to a
compromised system
● Define trojans, viruses, worms, and blended threats
● List the typical objectives of trojan creators
● Define rootkits
● Give examples of common uses of Netcat
● Define wrappers
● Summarize common data exfiltration methods
● Summarize how attackers can remove evidence of system compromise in
Windows and Unix systems

Unit Outline:
1. Introduction to Network Security
2. How Networks are Attacked - Part I
3. How Networks are Attacked - Part II
4. How Networks are Attacked - Part III
5. Final Exam

Network Security - Protocols (1 Credit, 5 Weeks)


Unit Grading:
● Labs 15%
● Quizzes 35%
● Final Exam 50%

Unit Outcomes:
● Define and apply a substitution cipher
● Define cryptanalysis
● Explain at a high level the process by which a plaintext message is
encrypted, transmitted, and decrypted.
● Describe at least two strategies for breaking an encryption scheme
● Identify the differences between public key encryption, symmetric key
encryption, and hashing
● List and summarize the characteristics of good ciphers
● Describe the vulnerabilities of stream ciphers
● Define AES and explain why it is recommended over 3DES
● Define cipher block chaining
● List the steps in creating an RSA public/private key pair
● Explain why RSA is secure
● Define message integrity and explain how it is ensured
● Define IPSec and list its services
● Define authentication header and ESP
● Explain the primary goal of IKE and describe its sub-protocols
● Summarize the five steps of IPSec Operation
● Summarize the history of SSL
● Explain how closure alerts can prevent a truncation attack
● Identify the protocols that make up the SSL architecture
● Describe how SSL/TLS provides protected channels
● State the differences between IPSec and SSL VPN connections
● Explain why it's important to consider Layer 2 security
● Define common Layer 2 attacks
● Identify tools used in Layer 2 attacks
● Describe countermeasures to Layer 2 attacks and security best practices
to prevent attacks
● Explain the differences between the 2.4GHz and 5GHz spectrums
● Provide definitions of basic wireless terms
● Explain how 802.11ac differs from earlier 802.11 standards
● Identify and define the types of 802.11 frames
● List and define the states of 802.11 sessions
● List the steps in establishing an 802.11 session
● Summarize the existing wireless security protocols and state which
protocols should not be used
● Summarize WPA, WPA Enterprise, and generalized WiFi attacks

Unit Outline:
1. Cryptography
2. TLS/SSL and IPSec
3. Layer 2 Security
4. Wireless Security
5. Final Exam

Network Security - Advanced Topics (1 Credit, 5 weeks)


Unit Grading:
● Labs 15%
● Quizzes 35%
● Final Exam 50%

Unit Outcomes:
● Explain what information is collected and analyzed through network
security monitoring, and why monitoring is important
● Define network security monitoring
● Summarize the policies used in network security monitoring
● Define an Intrusion Detection System/Intrusion Prevention System, and
provide a real-world analogy for an IDS
● Define the base rate fallacy and summarize an example
● Summarize the options for deploying an IDS
● Describe common strategies attackers use to evade an IDS
● List potential indicators of a security attack
● Define honeypots and honeynets and list their benefits to organizations
● Summarize the goals of a firewall
● List and define four types of firewalls
● Summarize an example of a filtering rule
● Explain the primary function of NAT
● Summarize the advantages and disadvantages of proxy gateways
● Explain the process for setting up firewalls using IPTables and Netfilter in
Linux
● List the steps in an incoming packet's journey through a Linux firewall
● Summarize the challenges that led to the development of IPv6 and
explain how IPv6 addresses those challenges
● List the differences in IPv4 and IPv6 services and headers
● Differentiate between IPv4 and IPv6 address formats
● List and define IPv6 address types
● List the differences between IPv4 and IPv6 address provisioning
● List the differences between DHCPv4 and DHCPv6
● Summarize dual-stack techniques for IPv4 and IPv6 devices
● Identify security threats common to IPv4 and IPv6, as well as threats
exclusive to IPv6
● Describe how reconnaissance methods will change under IPv6
● List tools that can be used to compromise IPv6 networks
● Describe the security considerations needed in dual-stack host
environments

Unit Outline:
1. Security Monitoring
2. Perimeter Security
3. IPv6
4. IPv6 Security
5. Final Exam

Penetration Testing - Discovering Vulnerabilities (1 Credit, 5 weeks)


Unit Grading:
● Labs 30%
● Quizzes 30%
● Final Exam 40%

Unit Outcomes:
● Scope a penetration test
● Collect as much interesting information as possible about a target
● Identify potential target systems
● Identify possible entry points into a tested system
● Configure vulnerability scanners to identify weaknesses
● Analyze the results of vulnerability scans

Unit Outline:
1. Introduction to Penetration Testing Methodologies
2. Report Writing and Penetration Testing Preparation
3. Reconnaissance and Enumeration for Pen Testers
4. Scanning & Vulnerability Enumeration
5. Final Exam

Penetration Testing - Exploitation (1 Credit, 5 weeks)


Unit Grading:
● Labs 30%
● Quizzes 30%
● Final Exam 40%

Unit Outcomes:
● Apply methodology to penetration tests to ensure they are consistent,
reproducible, rigorous, and under quality control.
● Analyze the results from automated testing tools to validate findings,
determine their business impact, and eliminate false positives.
● Discover key application flaws.
● Use programming to create testing and exploitation scripts during a
penetration test.
● Discover and exploit SQL Injection flaws to determine true risk to the
victim organization.
● Create configurations and test payloads within other web attacks.
● Fuzz potential inputs for injection attacks.
● Explain the impact of exploitation of application flaws.
● Analyze traffic between the client and server application using tools.
● Discover and exploit Cross-Site Request Forgery (CSRF) attacks.

Unit Outline:
1. Exploitation Pt 1 - Foundations
2. Exploitation Pt 2 – App Debugging, Reversing, and Exploit Development
3. Exploitation – Web App Pt 1
4. Exploitation – Web App Pt 2
5. Final Exam

Penetration Testing - Post Exploitation (1 Credit, 5 weeks)


Unit Grading:
● Labs 30%
● Quizzes 30%
● Final Exam 40%

Unit Outcomes:
● Discover credentials utilizing hash dumps
● Perform pass-the-hash attacks
● Document results of the penetration test
● Utilize currently exploited systems to gain access to others.
● Configure exploitation tools to pivot through a target environment

Unit Outline:
1. Post Exploitation - Owning, Pivoting, Privilege Escalation
2. Review of Web App Exploits
3. Exploitation – Passwords and Authentication
4. Penetration Testing Advanced Topics
5. Final Exam